I realize this thread has largely devolved into a philosophical discussion about whether one *should* do this, but I think the technical question of how one *could* do this is still a valid one. I've thought about this a while and so far the only practical and secure answer I've come up with is to encrypt the javascript using PGP or a similar scheme. This would require a custom built version of the node executable that is capable of reading the encrypted files because it has the public key baked in. You'd use the private key to encrypt the javascript files that you distribute with your application. Some care would need to be taken to ensure that the executable couldn't be coerced into producing decrypted versions of your files.
--Ken On Thursday, February 23, 2012 7:56:43 AM UTC-8, Jeremy Rudd wrote: > > *What:* Can NodeJS apps be distributed as binary? ie. you compile the .js > app via V8 into its native binary, and distribute the binary to our > clients? ... or is minifying the code all you can do? > > *Why:* We build serverside applications in NodeJS for clients, that have > often to be hosted on the client's servers. Distributing source code means > clients can easily steal our solution and stop paying licensing fees. This > opens up the possibility of easy reverse-engineering or reuse of our apps > without our awareness. > > *Shamelessly cross posted on*: > http://stackoverflow.com/questions/9413123/secure-distribution-of-nodejs-applications > -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to nodejs@googlegroups.com To unsubscribe from this group, send email to nodejs+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en
